United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
I nilid Stall-, Patent and Trademark Office 

Address: COMMISSIONER FOR PATENTS 



APPLICATION NO. 



10/751,539 



FILING DATE 



01/00/2004 



44987 7590 05/11/2009 

HARRITY & HARRITY, LLP 
11350 Random Hills Road 
SUITE 600 
FAIRFAX, VA 22030 



FIRST NAMED INVENTOR 



Gregory Sidebottom 



ATTORNEY DOCKET NO. CONFIRMATION NO. 



SOL, ANTHONY M 



PAPER NUMBER 



DELIVERY MODE 



Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



l/ffflrC? nVrliUli Otfff Iff ids y 


Application No. 

10/751,539 


Applicant(s) 
SIDEBOTTOM ET AL. 


Examiner 

Anthony Sol 


Art Unit 

2419 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )KI Responsive to communication(s) filed on 1/26/2009 . 
2a )□ This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) |EI Claim(s) 1,2,8-12,16,18, 20-24, 26-29,31 and 33-35 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) 13 Claim(s) 1.2.8-12.16.18. 20-24. 26-29. 31 and 33-35 is/are rejected. 

7) 0 Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 

3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attach ment(s) 

1) ^| Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-41 3) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO/SB/08) 5 ) □ Notice of Informal Patent Application 

Paper No(s)/Mail Date . 6) □ Other: . 



PTOL-T26 d (Rev e 08-06r 



Office Action Summary 



Part of Paper No./Mail Date 20090504 



Application/Control Number: 

10/751,539 

Art Unit: 2419 



Page 2 



DETAILED ACTION 

• Applicant's Amendment filed 1/26/2009 is acknowledged. 

• Claims 2, 8-10, 12, 21-24, 26-29, 31, and 35 have been amended. 

• Claims 1, 2, 8-12, 16, 18, 20-24, 26-29, 31, and 33-35 remain pending. 

Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

2. Claims 1 , 8-1 2, 16, 20-24, 26-29, 31 , and 33-35 are rejected under 35 
U.S.C. 102(e) as being anticipated by Pub. No. US 2003/0212904 A1 ("Randle"). 

Regarding claims 1, 8, 10, 11, 23, 26, 28, 29, 31, and 35, 
Randle shows in figs. 1A and 1B a service gateway 10, 14 (note that the 
combination of components 10 and 14 is mapped to the service gateway as claimed) in 
communication with a first entity 12a-n and a second entity 13a-n (para. 39, The user 
may be associated with one or more channels or institutions 12a- 
n (which may optionally be used by an end user) , or the user may 
be a destination in a plurality of destinations 13a-n, as shown 
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in fig. IB), the service gateway comprising a first interface module 14a to receive, 
from the first entity, a message requesting performance of a service (para. 47, The 

user initiates a request in the form of a message 20 through a 
channel 12a-n. The message 20 includes information, such as a 

sign-on protocol 43 (See fig. 4)) in an extensible set of services offered by 

the second entity (para. 42, As new applications are built, 
interoperability with other services is designed into present 
system; para. 107, IFX provides an open standard, eliminating 
the need for a second message layer, leverages multiple industry 
players for best-of -breed solutions, provides a robust message 
set, meshes nicely with XML, and is extensible in a predefined 
process) , the message including a service name that corresponds to the service and 
an argument that includes data useful in performing used to perform the service (para. 
48, As an example, a message in the preferred embodiment would 
include the name of the request , such as a request for 
authentication; the name of a request component, such as the 
type of channel 12 is an ATM; an element of the request 
containing data , such as user ID; and the name of a simple 
business request within a service, such as an account balance 
inquiry) , an access control module 25 (para. 50, fig. 2A depicts the 
receipt of a message 20 composed in a normalized language. The 
message 20 is received by a processor 25 , which coordinates a 
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channel device session identification look-up 22 and creates a 
session cache entry 23. The processor 25 decodes the message 20) 
to make a first determination of whether the first entity is permitted to request 
performance of the service corresponding to the service name, make a second 
determination of whether the argument is permitted to be provided by the first entity, 
and make a third determination of whether the argument is permitted to be requested 
for the service corresponding to the service name, (para. 54, in the preferred 
embodiment, when the session 28 is established, a service 
profile is created listing valid items, requests, and/or 
services that may be contained in a message 20 and/or executed 
by the user and/or device making the request. The service 
profile corresponds to a profile 40 (See FIG. 4) listing 
products, accounts, services, and so on, available for that user 
at a given destination 13a-n . Further access control may be 
applied based on core elements included in the message 20 or on 
file profiles for service providers and the like), and a second 

interface module 14n to selectively request performance of the service by the second 
entity 13a-n based, at least in part, on results of the first, second, and third 
determinations of the access control module (para. 54, .The service profile 
corresponds to a profile 40 (See FIG. 4) listing products, 
accounts, services, and so on, available for that user at a 
given destination 13a-n ) . 
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Additionally for claim 26, 

Randle discloses a service activation component 10 configured to provide the 
services to the subscribers 12a-n, and a service gateway 10 configured to act as a 
single point of contact between the retailer systems 12a-n and the service activation 
component, the service gateway providing controlled access, by the retailer systems, to 
the services provided by the service activation component, the service gateway 
permitting each of the retailer systems access to a subset of the services provided by 
the service activation component via the controlled access (para. 39, The present 
invention provides for the integration of related and nonrelated 
channels, devices and services. FIG. 1A shows an overview of 
the present invention. The invention comprises an integrator 10 
in contact through a network 11 with at least one user having a 
relationship with the integrator 10 or a relationship with 
another user or entity that is connected to the integrator. The 
user may be associated with one or more channels or institutions 
12a-n (which may optionally be used by an end user) , or the user 
may be a destination in a plurality of destinations 13a-n, as 
shown in FIG. IB. In the preferred embodiment, the user is a 
financial institution and the network is the Internet. The 
system may be accessed using both wired and wireless means) . 
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Regarding claim 9, 

Randle shows in fig. 4 an embodiment of the invention for the secure processing 
of financial documents, such as a check. The process is initiated at a channel 12, such 
as a point of sale or transaction from a purchaser to a merchant, capturing certain 
information, such as the MICR line and check amount from the check of the purchaser 
and a purchaser-supplied credential 43 for authorization and/or authentication. Further 
access control may be applied based on user-to-account (in the case of on behalf of), 
owner to account, account-to-account relationship, and service provider and requestor 
to user relationship rules (claimed plurality of service activation components)(para. 77). 

Randle further discloses a second entity locator 25 configured to obtain 
information associated with the service activation components, and wherein where the 
second interface module 14n is further configured to contact the second entity locator to 
identify one of the service activation components from which to request performance of 
the service (para. 7 9, In the preferred embodiment, an adapter 14 
converts any message 20 transmitted in a nonstandardized 
language to an XML message 24. The adapter 14 then routes the 
translated message to the processor 25 , which decodes the 
message, confirm the user, and determines a determinate, used to 
determine the destination 13a-n of the request . The processor 
25 forwards the message to a destination 13a-n that can respond 
to the request made from the channel 12 . An adapter 14a-n 
linked to the processor 25 and the network 11 may be used to 
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translate the message into a format recognized by the 
destination 13a-n . The adapter 14a-n adapts the message 20 to an 
acceptable format that will allow the destination 13a-n to 
respond to the request of the message, and then forwards the 
message to the destination 13. The destination 13 determines if 
the request of the message is available to the user through 
comparison of information contained in the message to a 
preexisting service profile 40 (as shown in FIG. 4) for that 
user. The service profile 40 in the checking embodiment 
includes, but is not limited to, account validation, funds 
availability, verify against positive pay files, evaluate for 
propensity for fraud, and the like) . 

Regarding claims 12 and 22, 

Randle discloses that network 1 1 of fig. 1A may be the Internet (para. 39). 
Regarding claims 16, 20, 21, 24, 33, and 34, 

Randle discloses that based upon the content of the message 20 and/or any mix 
of the following : the particular channel 12a-n, the request contained in the message 
20 made by a user using that channel 12a-n, the services provided from that channel 
12a-n, the owner of the channel 12a-n or family of service providers that it belongs to, 
the credential presented and/or required for authentication and/or authorization of a 
user using that channel 12a-n, and the language and/or interface of the destination 
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13a-n of the user's request contained in the message 20, is recognized (para. 51). 

Randle further discloses that before processing the content of the message 20, if 
the message is from an untrusted channel, the sign-on information is validated as 
shown the Figures. After any required translation by the adapter 14, the processor 25 
determines and executes a determinate. The determinate is used to determine the 
security service 29 used to validate the sign-on information contained in the message 
20. Validation is performed by a multidimensional decision process that may include 
the comparison of sign-on information contained in the message 20 to data, such as a 
reference table or corresponding determinate that includes specific information 
associated with the user, including passwords, biometrics, codes, and the like, stored 
either internally or externally at the security service 29. Validation may also be based 
on confirmation of role and/or rules associated with the user, device or channel. If no 
verification is attained, a denial is sent back to the processor 25, which relays the denial 
to the channel 12 , which may prompt the user to retry the sign-on protocol or request 
additional identifying information, such as a preset answer to a question. 

Regarding claim 27, 

Randle discloses that session is related to, and is a critical element of, security. 
In the system of the present invention, a unique session object or key is created that 
allows use of external and internal security applications, which allows the system to 
switch among many security applications based on elements in a given request or 
activity. The present invention provides a universal service for security that provides a 
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path to single sign-on. By using a unique session, a link is created to all systems 
interactions for a given session key that can be tied to logging, journaling, and error 
reporting to provide for non-repudiation (claimed network services)(para. 61). 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 2 and 18 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Randle in view of US 2003/0055968 A1 ("Hochmuth"). 

Regarding claims 2 and 18, 

Randle discloses that an interface is provided that allows multi-credential, multi- 
service, multi-role, and multi-channel based routing to multiple authorization and 
authentication providers independent of the location of the credential, language or 
dialect used by the channel (para. 98, see also paras. 80 and 107) 

Randle does not disclose that the activation component is configured to configure 
a router to deliver a service. 

Hochmuth discloses reconfiguration may also involve steps such as, but not 
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limited to, configuring network devices to move a port on which network resource 42 is 
connected from one cell to another, configuring a router's access control list (ACL) 
and/or other parameters (para. 44). 

It would have been prima facie obvious to one of ordinary skill in the art at the 
time of the invention was made to modify the integration system of Randle to provide a 
capability to provide router configuration service as taught by Hochmuth. One skilled in 
the art would have been motivated to make the combination to permit or deny access to 
network resource 42 through any network connection, and/or configuring a firewall 
(Hochmuth, para. 44). 



Response to Arguments 

5. Applicant's arguments with respect to claims 1 , 2, 8-1 2, 1 6, 1 8, 20-24, 26-29, 31 , 
and 33-35 have been considered but are moot in view of the new ground(s) of rejection. 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Anthony Sol whose telephone number is (571)272-5949. 
The examiner can normally be reached on M-F 7:30am - 4pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jay Patel can be reached on (571) 272-2988. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 



Application/Control Number: Page 11 

10/751,539 

Art Unit: 2419 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



/A. S./ 

Examiner, Art Unit 2419 
/Jayanti K. Patel/ 

Supervisory Patent Examiner, Art Unit 2419 



